package com.ithaipeng.gateway.filter;

import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;


/**
 * 自定义一个全局过滤器
 *
 *      需求：定义全局过滤器，拦截请求，判断请求的参数是否满足下面条件：
 * 参数中是否有authorization，
 * authorization参数值是否为admin
 * 如果同时满足则放行，否则拦截
 */
//@Order(value = -1)//值越小，优先级越高，拦截器越靠前 或者实现Order接口
@Component
public class AuthorizeFilter implements GlobalFilter, Ordered {
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        //1 ：获取请求参数
        ServerHttpRequest request = exchange.getRequest();
        MultiValueMap<String, String> queryParams = request.getQueryParams();
        //2 获取参数中的authorization参数
        String auth = queryParams.getFirst("authorization");
        //3 判断参数是否是admin
        if (auth != null && auth.equals("admin")) {
            //4 是 放行
           return chain.filter(exchange);
        }

        //5 不是，那就拦截
        //5.1 设置状态码
        exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
        //5.2 拦截请求
        return exchange.getResponse().setComplete();
    }

    @Override
    public int getOrder() {
        return -1;
    }
}
